package com.sun.mail.imap.protocol;

import com.bssys.spg.dbaccess.model.UserActions;
import com.sun.mail.iap.Argument;
import com.sun.mail.iap.ProtocolException;
import com.sun.mail.iap.Response;
import com.sun.mail.util.ASCIIUtility;
import com.sun.mail.util.BASE64DecoderStream;
import com.sun.mail.util.BASE64EncoderStream;
import com.sun.mail.util.PropUtil;
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.util.Properties;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.RealmChoiceCallback;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;

/* loaded from: input_file:spg-merchant-service-war-2.1.32.war:WEB-INF/lib/mail-1.4.5.jar:com/sun/mail/imap/protocol/IMAPSaslAuthenticator.class */
public class IMAPSaslAuthenticator implements SaslAuthenticator {
    private IMAPProtocol pr;
    private String name;
    private Properties props;
    private boolean debug;
    private PrintStream out;
    private String host;

    public IMAPSaslAuthenticator(IMAPProtocol iMAPProtocol, String str, Properties properties, boolean z, PrintStream printStream, String str2) {
        this.pr = iMAPProtocol;
        this.name = str;
        this.props = properties;
        this.debug = z;
        this.out = printStream;
        this.host = str2;
    }

    @Override // com.sun.mail.imap.protocol.SaslAuthenticator
    public boolean authenticate(String[] strArr, String str, String str2, String str3, String str4) throws ProtocolException {
        String str5;
        synchronized (this.pr) {
            Vector vector = new Vector();
            Response response = null;
            boolean z = false;
            if (this.debug) {
                this.out.print("IMAP SASL DEBUG: Mechanisms:");
                for (String str6 : strArr) {
                    this.out.print(new StringBuffer().append(" ").append(str6).toString());
                }
                this.out.println();
            }
            try {
                SaslClient createSaslClient = Sasl.createSaslClient(strArr, str2, this.name, this.host, this.props, new CallbackHandler(this, str3, str4, str) { // from class: com.sun.mail.imap.protocol.IMAPSaslAuthenticator.1
                    private final String val$u;
                    private final String val$p;
                    private final String val$realm;
                    private final IMAPSaslAuthenticator this$0;

                    {
                        this.this$0 = this;
                        this.val$u = str3;
                        this.val$p = str4;
                        this.val$realm = str;
                    }

                    @Override // javax.security.auth.callback.CallbackHandler
                    public void handle(Callback[] callbackArr) {
                        if (this.this$0.debug) {
                            this.this$0.out.println(new StringBuffer().append("IMAP SASL DEBUG: callback length: ").append(callbackArr.length).toString());
                        }
                        for (int i = 0; i < callbackArr.length; i++) {
                            if (this.this$0.debug) {
                                this.this$0.out.println(new StringBuffer().append("IMAP SASL DEBUG: callback ").append(i).append(": ").append(callbackArr[i]).toString());
                            }
                            if (callbackArr[i] instanceof NameCallback) {
                                ((NameCallback) callbackArr[i]).setName(this.val$u);
                            } else if (callbackArr[i] instanceof PasswordCallback) {
                                ((PasswordCallback) callbackArr[i]).setPassword(this.val$p.toCharArray());
                            } else if (callbackArr[i] instanceof RealmCallback) {
                                RealmCallback realmCallback = (RealmCallback) callbackArr[i];
                                realmCallback.setText(this.val$realm != null ? this.val$realm : realmCallback.getDefaultText());
                            } else if (callbackArr[i] instanceof RealmChoiceCallback) {
                                RealmChoiceCallback realmChoiceCallback = (RealmChoiceCallback) callbackArr[i];
                                if (this.val$realm == null) {
                                    realmChoiceCallback.setSelectedIndex(realmChoiceCallback.getDefaultChoice());
                                } else {
                                    String[] choices = realmChoiceCallback.getChoices();
                                    int i2 = 0;
                                    while (true) {
                                        if (i2 >= choices.length) {
                                            break;
                                        }
                                        if (choices[i2].equals(this.val$realm)) {
                                            realmChoiceCallback.setSelectedIndex(i2);
                                            break;
                                        }
                                        i2++;
                                    }
                                }
                            }
                        }
                    }
                });
                if (createSaslClient == null) {
                    if (this.debug) {
                        this.out.println("IMAP SASL DEBUG: No SASL support");
                    }
                    return false;
                }
                if (this.debug) {
                    this.out.println(new StringBuffer().append("IMAP SASL DEBUG: SASL client ").append(createSaslClient.getMechanismName()).toString());
                }
                try {
                    String writeCommand = this.pr.writeCommand(new StringBuffer().append("AUTHENTICATE ").append(createSaslClient.getMechanismName()).toString(), null);
                    OutputStream iMAPOutputStream = this.pr.getIMAPOutputStream();
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    byte[] bArr = {13, 10};
                    boolean z2 = createSaslClient.getMechanismName().equals("XGWTRUSTEDAPP") && PropUtil.getBooleanProperty(this.props, new StringBuffer().append("mail.").append(this.name).append(".sasl.xgwtrustedapphack.enable").toString(), true);
                    while (!z) {
                        try {
                            response = this.pr.readResponse();
                            if (response.isContinuation()) {
                                byte[] bArr2 = null;
                                if (!createSaslClient.isComplete()) {
                                    byte[] newBytes = response.readByteArray().getNewBytes();
                                    if (newBytes.length > 0) {
                                        newBytes = BASE64DecoderStream.decode(newBytes);
                                    }
                                    if (this.debug) {
                                        this.out.println(new StringBuffer().append("IMAP SASL DEBUG: challenge: ").append(ASCIIUtility.toString(newBytes, 0, newBytes.length)).append(" :").toString());
                                    }
                                    bArr2 = createSaslClient.evaluateChallenge(newBytes);
                                }
                                if (bArr2 == null) {
                                    if (this.debug) {
                                        this.out.println("IMAP SASL DEBUG: no response");
                                    }
                                    iMAPOutputStream.write(bArr);
                                    iMAPOutputStream.flush();
                                    byteArrayOutputStream.reset();
                                } else {
                                    if (this.debug) {
                                        this.out.println(new StringBuffer().append("IMAP SASL DEBUG: response: ").append(ASCIIUtility.toString(bArr2, 0, bArr2.length)).append(" :").toString());
                                    }
                                    byte[] encode = BASE64EncoderStream.encode(bArr2);
                                    if (z2) {
                                        byteArrayOutputStream.write(ASCIIUtility.getBytes("XGWTRUSTEDAPP "));
                                    }
                                    byteArrayOutputStream.write(encode);
                                    byteArrayOutputStream.write(bArr);
                                    iMAPOutputStream.write(byteArrayOutputStream.toByteArray());
                                    iMAPOutputStream.flush();
                                    byteArrayOutputStream.reset();
                                }
                            } else if (response.isTagged() && response.getTag().equals(writeCommand)) {
                                z = true;
                            } else if (response.isBYE()) {
                                z = true;
                            } else {
                                vector.addElement(response);
                            }
                        } catch (Exception e) {
                            if (this.debug) {
                                e.printStackTrace();
                            }
                            response = Response.byeResponse(e);
                            z = true;
                        }
                    }
                    if (createSaslClient.isComplete() && (str5 = (String) createSaslClient.getNegotiatedProperty("javax.security.sasl.qop")) != null && (str5.equalsIgnoreCase("auth-int") || str5.equalsIgnoreCase("auth-conf"))) {
                        if (this.debug) {
                            this.out.println("IMAP SASL DEBUG: Mechanism requires integrity or confidentiality");
                        }
                        return false;
                    }
                    Response[] responseArr = new Response[vector.size()];
                    vector.copyInto(responseArr);
                    this.pr.notifyResponseHandlers(responseArr);
                    this.pr.handleResult(response);
                    this.pr.setCapabilities(response);
                    if (z2) {
                        Argument argument = new Argument();
                        argument.writeString(str2 != null ? str2 : str3);
                        Response[] command = this.pr.command(UserActions.LOGIN, argument);
                        this.pr.notifyResponseHandlers(command);
                        this.pr.handleResult(command[command.length - 1]);
                        this.pr.setCapabilities(command[command.length - 1]);
                    }
                    return true;
                } catch (Exception e2) {
                    if (this.debug) {
                        this.out.println(new StringBuffer().append("IMAP SASL DEBUG: AUTHENTICATE Exception: ").append(e2).toString());
                    }
                    return false;
                }
            } catch (SaslException e3) {
                if (this.debug) {
                    this.out.println(new StringBuffer().append("IMAP SASL DEBUG: Failed to create SASL client: ").append(e3).toString());
                }
                return false;
            }
        }
    }
}
